The Securities and Exchange Commission’s bread-and-butter enforcement actions focus on accounting fraud. The SEC has a long history in uncovering fraudulent financial reporting schemes. In the early 2000s, Wall Street was shaken by a number of scandals involving financial reporting fraud which eventually resulted in passage of the Sarbanes-Oxley Act. This Act transformed the auditing profession and to this day is the most important reform to impact financial reporting. For public companies, financial reporting remains a high-risk area and the SEC’s performance in this area is relatively consistent.
In a recent enforcement action, the SEC settled with VMware, Inc. for $8 million because VMware mislead investors about its order backlog management practices that allowed VMware to push revenue into future quarters and thereby provide false information to investors. VMware is a software company that engages in the sale of cloud-storage software and services. VMware’s misleading statements occurred in quarterly and annual reports, during earnings calls, and in earnings releases for its 2019 and 2020 fiscal years.
In 2019, VMware adopted a new accounting standard, and began discretionarily to hold back some sales orders, which were otherwise ready to be booked and recorded as revenue in the current quarter. This practice was implemented to delay revenue and control and timing of revenue recognition. These discretionary holds were referred to internally as “managed pipeline” or “MPL.” As a result, VMware delayed delivery of license keys to customers and thereby delayed the recognition of license revenue to the next quarter or service revenue to future quarters when services were actually performed. VMware relied on this strategy to build a buffer to protect future quarter earnings performance. The SEC estimated that through this practice VMware shifted tens of millions of dollars in revenue into future quarters.
VMware’s backlog was defined to include unfulfilled orders for software, maintenance and related professional services. Under U.S. generally accepted accounting principles (“GAAP”), revenue is recognized when transfer of control of a product occurs. VMware recognized revenue when the license key is delivered to a customers to access on-premises or cloud-based software, or through delivery of services when such services are performed.
During FY19 and FY20, VMware controlled the timing of its revenue recognition by placing discretionary holds on selected sales orders, which delayed the delivery of license keys. VMware used this technique when it had already met analyst and investor earnings estimates in order to reduce its performance in a quarter in which the targets had been reached and push the revenue into future quarters as insurance against a poor quarter.
Starting in 2019, VMware disclosed that “[t]he amount and composition of [VMware’s] backlog will fluctuate period to period, and backlog is managed based upon multiple considerations, including product and geography.” The SEC cited this specific misrepresentation because it omitted material information concerning the discretionary nature of VMware’s backlog, the extent to which VMware actually controls the amount of its backlog and how backlog was being used to manage the timing of the company’s recognition of total and license revenue.
According to the SEC, VMware’s backlog practices were controlled for the purpose of determining in which quarters revenue would be recognized, and had the effect of obscuring the company’s financial performance and avoiding revenue shortfalls against analyst and investor guidance in three quarters in FY 2020 and for the full annual year FY 2020.